The present invention relates generally to methods for creating the digital identity of an individual, binding an impression of it to electronic documents, and more particularly to producing reliable and consistently verifiable electronic impressions for automatic identity verification.
This present invention is designed to enhance the exchange of personal, confidential, legal and proprietary information reliably through electronic means. An embodiment of this invention provides an electronic equivalent of the conventional xe2x80x9cpaperxe2x80x9d paradigm, in which documents are authenticated and validated by signatures and seals. In the paper paradigm, signatures and seals, as imprinted on a document, represent the identity of the signer. That is, handwritten signatures, seals (and sometimes fingerprints) are the true representative of the signer.
The desired requirements of an electronic equivalent of the xe2x80x9cpaperxe2x80x9d paradigm, are listed below. The requirements are:
1. The document and the signatures imprinted on the document can not be forged or broken easily (not usually satisfied by passwords).
2. The receiver or anybody else cannot alter the signed documentxe2x80x94the document with which the identity""s impression is boundxe2x80x94or the identity""s impression itself as it is bound to the document, without being detected.
3. The signer cannot deny the act of signing the document (non-repudiation of the origination source of the document).
4. The document can not be duplicated and still be claimed original for re-submission.
5. Full reconstruction of identity, in case of loss of identity.
6. Consistency of comparison results.
7. The verifier should not be assumed trusted. In other words, the verifier should not be able to use information he has about the signer to forge the signer""s identity.
8. The process of signing the document and its verification should be simple and user friendly.
9. The process of signing the document should not rely on sophisticated technology that is not readily available to ordinary computer users other than software implementing the present invention.
10. The signatures, seals and the thumb prints are imprinted on the document and can be inspected by the experts using visual and other verification methods.
We will see that the conventional electronic systems address only a subset of these requirements. A typical electronic replacement of xe2x80x9cpaperxe2x80x9d paradigm uses only cryptographic digital signatures, in which encryption keys generated by the system are used. These keys are provided by the system to the user to be used as their electronic identities. Like seals, these keys have no real binding to the signer because they are not derived from aspects of physical behavior or what the signer knows.
Other typical electronic replacements of the xe2x80x9cpaperxe2x80x9d paradigm use only electronic representations of handwritten signatures. Simpler versions simply use digitized version of handwritten signatures and bind it to the electronic document using cryptography. More sophisticated versions derive probabilistic parameters of the signature and use these parameters as the basis of the identity of the user. Some implementations do bind digitized handwritten signatures cryptographically with the document but provide little protection of the signer""s identity from forgeries created by the verifier. Furthermore, the identity of the individual is solely dependent on digitized handwritten signatures.
Simpler versions mentioned above rely completely on encryption and cryptographic checksums (also called hash values) for the sake of binding the digitized handwritten signature with the electronic document. The checksum is digitally signed using cryptography.
One disadvantage of using a digitized handwritten signature is that the digitized version of a handwritten signature can easily be copied once it is decrypted. Another disadvantage is that the digital checksum of two digitized-handwritten-signature samples is almost never the same, even if they belong to the same person. Therefore effectively the identity of the user is derived from the cryptographic key used for digitally signing the checksum rather than the handwritten signature. Hence from a security point of view, systems using digitized handwritten signatures are only as effective as systems that use only cryptographic digital signatures.
More sophisticated versions of the digitized handwritten signature based security systems derive the identity of the user from probabilistic parameters derived from the signature while it is being executed. The input devices used for capturing the signature in such systems are relatively expensive and not widely available. Since no two signatures of the same person are alike, the parameters derived from them are never exactly the same. Therefore, such systems rely on probabilistic comparisons of the stored reference parameters at the location of verification with those provided with the document. The verification process utilizing probabilistic parameters can never be fully trusted as it depends upon several factors not within the control of the system, such as the quality of parameter extraction at the time of reference parameter extraction, the quality of signature capture at the time of authentication of the document, the mood and physical state of the signer and the age of the reference parameters (signatures characteristics for a person change with time). Since, verification can never be fully trusted, it becomes a poor choice for automatic verification systems. Furthermore, the need for availability of these parameters at the destination is a security risk, since anybody in possession of these parameters can create a forgery with some programming effort.
Electronic document signing systems using biometric information are high cost systems. They use biometric information such as voice, fingerprint, and retina scans. These systems authenticate documents based oh probabilistic comparison of one or more stored samples with the freshly retrieved sample. The problems associated with these forms of identity representations are the same as those associated with handwritten signatures. Often, the system operation is based on extraction of statistical and mathematical parameters. Based on these parameters, and the knowledge of algorithms used for calculating the correlation, some identities can be reverse engineered for beating the automatic verification systems.
Yet another conventional replacement of xe2x80x9cpaperxe2x80x9d paradigm is based on the use of passwords for identifying the signer. This is a paradigm based on what the person knows, and relies on the signer to choose a xe2x80x9cgoodxe2x80x9d security password. The level of protection against attacks is only as good as the passwords picked. Unfortunately, the best passwords are most unfriendly and difficult to remember. It is well known that users often pick poor passwords that can easily be guessed, or reuse passwords excessively.
The document authentication schemes discussed above only partially satisfy the conventional requirements of binding a document sender""s identity to the document.
In systems using public key cryptography, for example U.S. Pat. No. 5,369,702 to Shanton, the signer can deny the act of signing (non-repudiation of the origination source of the document) by claiming that the private key was compromised. Similarly, the verifier can create a forgery of the private key or the cipher text without being detected if the security assumption of the public key cryptography is broken.
There is a need for the following additional requirements for digital identities as well as the impressions made by these identities on electronic documents:
1. Full reconstruction of identity, in case of loss of identity.
2. Consistency of comparison results.
3. The verifier should not be assumed to be trusted. In other words, the verifier should not be able to use the information he has about the signer to forge the signer""s identity.
4. The process of signing the document should not rely on sophisticated technology that is not readily available to an ordinary computer user.
5. Forgeries and repudiation of origin can be proven even if the public key cryptography""s security assumption is broken.
6. The process of signing the document and the verification process should be simple and user friendly.
7. The signature should be verifiable throughout and after the lifetime of the signer.
8. The digital identity of the signer should maintain history of all the changes that are made to the identity itself during its life.
9. The signatures, seals and the thumb prints imprinted on the document should offer both visual and digital means for verifying the signature.
We can broadly classify various electronic document authentication methods into two categories: deterministic or probabilistic.
The digital identities used in deterministic authentication methods can be fully recovered in original form. Examples are methods based on passwords, cryptographic keys, or ones that simply bind digitized signatures with documents cryptographically.
The digital identities used in probabilistic authentication methods cannot be fully recovered in original form and comparisons have to rely on one or more probabilistic correlation functions. To use probabilistic authentication methods in real life, comparison results have to be interpreted within some tolerance ranges.
Examples of these methods include handwritten signatures, voice, fingerprints and other biometric representations. Typically a finite number of parameters are derived from these representations and these parameters are used for authentication.
The present invention creates a digital identity of an individual that can be used in electronic authentication systems for signing the electronic documents. This identity typically includes personal information, images, handwritten signature and passwords. It optionally includes seals, fingerprints and other biometric information. This digital identity can be used to authenticate the integrity and identity of an electronic document, as well as for non-repudiation of the electronic document""s origination source. The digital identity also has other properties associated with conventional electronic authentication systems.
Forgeries of the digital identity, attacks against it, and repudiation of use of the digital identity can be detected by use of an identifier computed from personal information provided by the user. Passwords can be used as one component of this personal information. Using the digital identifier enables forgeries to be detected and repudiation of origin to rebuffed, even if the public key cryptographic assumption is broken. Some versions of the digital identifier can also be reconstructed in case the original digital identity is lost.
This digital identity can be used in automatic verification systems because it provides consistent results, unlike handwritten signature systems in which the comparison results for two signatures may vary significantly, leading to unreliable results.
Although the digital identity may contain handwritten signatures, images, seals, fingerprints and other biometric information in digitized or parameterized form, the authentication and verification process associated with the digital identity does not solely depend on these components. Neither does the security depend only on cryptographic keys or difficult-to-remember passwords.
Since the use of parameterized signature, fingerprints, photographic images and biometric information is optional, the present invention does not depend on sophisticated technology that is not readily available to an ordinary computer user.
The digital identity generated in accordance with the present invention is portable, such as in a floppy disk, smart card, memory card, or other storage device. A compromised storage device is useless, because the digital identity information on it is encrypted. Furthermore, the verifier does not need to know or maintain a document signer""s sensitive information to perform verification. As a result, the verifier can be a non-trusted party who does not have to know the private information or parameters associated with the identity of the signer.
Electronically signing a document is a cumbersome process, especially when it contains a variety of representations of the signer such as handwritten signatures, photographic images and biometric information. Hence in one embodiment of the invention, the digital identity of the signer is created once and stored after encryption for protection. This identity can be used with little effort to bind a verifiable impression made by the signer""s identity to any document. A series of techniques can be used for the person""s identity verification. First the cryptographic digital signature is verified which establishes the integrity of the document, and ensures non-repudiation of origin to the extent that it was signed by the holder of the private key. A time stamp or random number is used to establish that the document is not a duplicate presented as an original. In case of a dispute, digital identity marks, which are functions of the document and the personal identifiers, are used to verify that the digital signature indeed made the signature impression on the accompanying document.